Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

crypto/dsa: invalid public key causes panic in dsa.Verify #34960

Closed
katiehockman opened this issue Oct 17, 2019 · 6 comments
Closed

crypto/dsa: invalid public key causes panic in dsa.Verify #34960

katiehockman opened this issue Oct 17, 2019 · 6 comments
Labels
FrozenDueToAge NeedsFix The path to resolution is known, but the work has not been done. release-blocker Security
Milestone

Comments

@katiehockman
Copy link
Contributor

Invalid DSA public keys can cause a panic in dsa.Verify. In particular, using crypto/x509.Verify on a crafted X.509 certificate chain can lead to a panic, even if the certificates don’t chain to a trusted root. The chain can be delivered via a crypto/tls connection to a client, or to a server that accepts and verifies client certificates. net/http clients can be made to crash by an HTTPS server, while net/http servers that accept client certificates will recover the panic and are unaffected.

Moreover, an application might crash invoking crypto/x509.(*CertificateRequest) CheckSignature on an X.509 certificate request, parsing a golang.org/x/crypto/openpgp Entity, or during a golang.org/x/crypto/otr conversation. Finally, a golang.org/x/crypto/ssh client can panic due to a malformed host key, while a server could panic if either PublicKeyCallback accepts a malformed public key, or if IsUserAuthority accepts a certificate with a malformed public key.

The issue is CVE-2019-17596.

@katiehockman katiehockman added Security NeedsFix The path to resolution is known, but the work has not been done. labels Oct 17, 2019
@katiehockman katiehockman added this to the Go1.14 milestone Oct 17, 2019
@katiehockman
Copy link
Contributor Author

@gopherbot please open backport issues as this is a security issue

@gopherbot
Copy link

Backport issue(s) opened: #34961 (for 1.12), #34962 (for 1.13).

Remember to create the cherry-pick CL(s) as soon as the patch is submitted to master, according to https://golang.org/wiki/MinorReleases.

@kevinburke1
Copy link

I may be missing something, but I don't see this commit on or near tip of the master branch. Is Go 1.14/master not vulnerable to this issue?

@FiloSottile
Copy link
Contributor

The announcement has more details about the impact: https://groups.google.com/d/msg/golang-announce/lVEm7llp0w0/VbafyRkgCgAJ

@kevinburkemeter We do the cherry-pick to master last, as we make no security promises about tip, making it low priority. This issue will be closed when that happens.

@kevinburke1
Copy link

Ah, okay, thanks for the clarification. I got confused by the bot which says "as soon as the patch is submitted to master" which would seem to imply that's the first thing that happens.

amartinezfayo added a commit to amartinezfayo/spire that referenced this issue Oct 18, 2019
golang/go#34960
This PR bumps the 0.8 branch. A new release will be cut as soon as this is merged.

Signed-off-by: Agustín Martínez Fayó <amartinezfayo@gmail.com>
amartinezfayo added a commit to amartinezfayo/spire that referenced this issue Oct 18, 2019
golang/go#34960

This PR bumps the 0.8 branch. A new release will be cut as soon as this is merged.

Signed-off-by: Agustín Martínez Fayó <amartinezfayo@gmail.com>
craig bot pushed a commit to cockroachdb/cockroach that referenced this issue Oct 29, 2019
41901: storage/engine: centralize specification of pebble.Options r=petermattis a=petermattis

Fixes #41860

Release note: None

41993: build: Upgrade to go 1.12.12 r=bobvawter a=bobvawter

This change upgrades the go runtime to 1.12.12 in order to pick up a [security
fix](golang/go#34960).

Per the [checklist](build/README.md):
* [X] Adjust version in Docker image
* [X] Rebuild the Docker image and bump the version in builder.sh accordingly
* [ ] ~Bump the version in go-version-check.sh~ (Patch release, not necessary)
* [X] Bump the default installed version of Go in bootstrap-debian.sh

Fixes: #41718

Release note (build change): The go runtime has been upgraded to 1.12.12.

Co-authored-by: Peter Mattis <petermattis@gmail.com>
Co-authored-by: Bob Vawter <bob@cockroachlabs.com>
cirocosta pushed a commit to concourse/concourse that referenced this issue Oct 31, 2019
add the release note about building Concourse with go 1.13.2 to address
golang/go#34960 (CVE-2019-17596).

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>
cirocosta pushed a commit to concourse/concourse that referenced this issue Oct 31, 2019
add the release note about building Concourse with go 1.13.2 to address
golang/go#34960 (CVE-2019-17596).

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>
@gopherbot
Copy link

Change https://golang.org/cl/205441 mentions this issue: crypto/dsa: prevent bad public keys from causing panic

aledegano pushed a commit to Pix4D/concourse that referenced this issue Dec 16, 2019
add the release note about building Concourse with go 1.13.2 to address
golang/go#34960 (CVE-2019-17596).

Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
FrozenDueToAge NeedsFix The path to resolution is known, but the work has not been done. release-blocker Security
Projects
None yet
Development

No branches or pull requests

4 participants